Shibboleth Developer's Meeting, Dec 12, 2014

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Next call is next Friday. Any reason not to meet ?

60 to 90 minute call window.

Call Details

This week's call will use the Lync system at OSU. To participate, call:

• +1 (614) 688-1800 (please use if possible)

• +1 (800) 678-6114 (use only if you're charged for the 614 number)

The Conference ID is: 738127#

International participants should be able to access the 800 number without charge through Skype.

Attendees:

Brent

Daniel

Ian

Marvin

Rod

• Jetty Logging

• Reviewing cases

• Questions:

  • How are we doing Open Case "end game"

  • How are we doing documentation

• Open Cases for review:

  • IDP-101  we provide the logo and the IdP Name.  Some people have the logo in their name and think the duplication is wrong.  Remove name is logo absent?

  • IDP-331 What does an attriute filter do if there is no Metadata (FAIL or FALSE)

  • IDP-451 Filter names, reference, logging the ID.  (1) Do we need more code (2) What is the plan.

Scott

• Finding additional message handlers and actions with message type constraints - we don't typically want these

• Added Spring wiring for a filter that can add EntityAttributes to metadata based on entityID or on a condition bean

• Added a WARN log

• Added an MDC filter to web.xml to add IP address and JSESSIONID to MDC - TBD, add IdP session ID somewhere, maybe inside webflows

• Changed conditional signing/encrypt rule for port 443 per note lo list

• Working on security config cleanup and scenarios

  • Added a simpler factory bean for the 99% case credential type (key and cert in resources)

  • Consolidated whitelists and blacklists into new conf, shared across metadata and RP services

  • Still working out best ways to simplify common RP override tasks like credentials or algorithms

Tom

Still working on limiting client-side consent storage, dealing with some ugliness in the code.

Other